Random people Random location Random misc

Working around POSIX's faults: Improving the reliability of Linux named services (NSS) for large institutions

(with Vasilios Hoffman)

User account management for large installations typically requires mastering account data from a centralised directory. Whether that directory is AD, NIS, or an RFC 2307-inspired LDAP deployment, Linux System Administrators rely on glibc-based name service (NSS) solutions for client access to the data. In particular, a nameservice library queries the directory whilst an optional caching daemon (nscd) is used to mitigate network constraints.

In this presentation we will demonstrate some systemic problems with this model, and offer a surprisingly simple solution for environments both large and small, one that bypasses the key failure points and increases general NSS reliability.

We will also attempt to discuss the fundamental problems with POSIX NSS, hoping to inspire further investigation into this area.

(Note to reviewers: We expect to have our implementation released and open sourced well before the conference opens, just not before the submission deadline. However the source code is only supplemental and is not the main focus of the presentation.)

Project: nsscache 


Jamie Wilkinson

A previous LCA organiser, Jamie is a Systems Administrator at Google Australia, preferring to write code rather than administer systems, where he has been able to focus on digging deep into the NSS layers of glibc and discovering exciting new ecosystems of code teeming with bugs and new life.

Jamie Wilkinson

A previous LCA organiser, Jamie is a Systems Administrator at Google Australia, preferring to write code rather than administer systems, where he has been able to focus on digging deep into the NSS layers of glibc and discovering exciting new ecosystems of code teeming with bugs and new life.

Vasilios Hoffman

Vasilios, or V to his friends and enemies, started his SA careerbringing beowulf clusters to science departments across his localuniversity. Aside from a stint at the linux technology center at IBM,he worked in university IT until joining Google as a systemsadministrator in mid 2005.

Vasilios Hoffman

Vasilios, or V to his friends and enemies, started his SA careerbringing beowulf clusters to science departments across his localuniversity. Aside from a stint at the linux technology center at IBM,he worked in university IT until joining Google as a systemsadministrator in mid 2005.

© 2007 MEL8OURNE LCA2008 and Linux Australia | Linux is a registered trademark of Linus Torvalds | Site map | Valid XHTML 1.0

rja